{"id":"CVE-2025-58190","details":"The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.","aliases":["GO-2026-4441"],"modified":"2026-05-16T08:29:37.006460758Z","published":"2026-02-05T18:16:10.027Z","related":["CGA-676m-cmwh-7rgc","SUSE-SU-2025:21043-1","SUSE-SU-2025:21221-1","SUSE-SU-2025:4190-1","SUSE-SU-2025:4444-1","SUSE-SU-2025:4446-1","SUSE-SU-2025:4479-1","SUSE-SU-2025:4482-1","SUSE-SU-2026:0028-1","SUSE-SU-2026:0403-1","SUSE-SU-2026:0580-1","SUSE-SU-2026:20089-1","SUSE-SU-2026:20176-1","SUSE-SU-2026:20244-1","SUSE-SU-2026:20357-1","SUSE-SU-2026:20685-1","openSUSE-RU-2026:20010-1","openSUSE-SU-2025:15607-1","openSUSE-SU-2025:15616-1","openSUSE-SU-2025:15617-1","openSUSE-SU-2025:15618-1","openSUSE-SU-2025:15619-1","openSUSE-SU-2025:15620-1","openSUSE-SU-2025:15654-1","openSUSE-SU-2025:15669-1","openSUSE-SU-2025:15709-1","openSUSE-SU-2025:15729-1","openSUSE-SU-2025:15730-1","openSUSE-SU-2025:15743-1","openSUSE-SU-2025:15779-1","openSUSE-SU-2025:15830-1","openSUSE-SU-2025:15852-1","openSUSE-SU-2025:15854-1","openSUSE-SU-2025:20118-1","openSUSE-SU-2025:20143-1","openSUSE-SU-2025:20160-1","openSUSE-SU-2026:10173-1","openSUSE-SU-2026:10543-1","openSUSE-SU-2026:20044-1","openSUSE-SU-2026:20058-1","openSUSE-SU-2026:20105-1","openSUSE-SU-2026:20132-1","openSUSE-SU-2026:20206-1","openSUSE-SU-2026:20318-1","openSUSE-SU-2026:20327-1","openSUSE-SU-2026:20730-1"],"references":[{"type":"ADVISORY","url":"https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2026-4441"},{"type":"REPORT","url":"https://github.com/golang/vulndb/issues/4441"},{"type":"FIX","url":"https://go.dev/cl/709875"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"0.45.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58190.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}